use of org.apache.jackrabbit.core.security.authentication.CryptedSimpleCredentials in project jackrabbit by apache.
the class UserImplTest method testCredentials.
public void testCredentials() throws RepositoryException, NoSuchAlgorithmException, UnsupportedEncodingException {
User u = (User) userMgr.getAuthorizable(uID);
Credentials uc = u.getCredentials();
assertTrue(uc instanceof CryptedSimpleCredentials);
assertTrue(((CryptedSimpleCredentials) uc).matches((SimpleCredentials) creds));
}
use of org.apache.jackrabbit.core.security.authentication.CryptedSimpleCredentials in project jackrabbit by apache.
the class UserImplTest method testChangePassword.
public void testChangePassword() throws RepositoryException, NotExecutableException, NoSuchAlgorithmException, UnsupportedEncodingException {
User u = (User) userMgr.getAuthorizable(uID);
String sha1Hash = "{" + SecurityConstants.DEFAULT_DIGEST + "}" + Text.digest(SecurityConstants.DEFAULT_DIGEST, "abc".getBytes());
String md5Hash = "{md5}" + Text.digest("md5", "abc".getBytes());
// valid passwords and the corresponding match
Map<String, String> pwds = new HashMap<String, String>();
// plain text passwords
pwds.put("abc", "abc");
pwds.put("{a}password", "{a}password");
// passwords with hash-like char-sequence -> must still be hashed.
pwds.put(sha1Hash, sha1Hash);
pwds.put(md5Hash, md5Hash);
pwds.put("{" + SecurityConstants.DEFAULT_DIGEST + "}any", "{" + SecurityConstants.DEFAULT_DIGEST + "}any");
pwds.put("{" + SecurityConstants.DEFAULT_DIGEST + "}", "{" + SecurityConstants.DEFAULT_DIGEST + "}");
for (String pw : pwds.keySet()) {
u.changePassword(pw);
String plain = pwds.get(pw);
SimpleCredentials sc = new SimpleCredentials(u.getID(), plain.toCharArray());
CryptedSimpleCredentials cc = (CryptedSimpleCredentials) u.getCredentials();
assertTrue(cc.matches(sc));
}
// valid passwords, non-matching plain text
Map<String, String> noMatch = new HashMap<String, String>();
noMatch.put("{" + SecurityConstants.DEFAULT_DIGEST + "}", "");
noMatch.put("{" + SecurityConstants.DEFAULT_DIGEST + "}any", "any");
noMatch.put(sha1Hash, "abc");
noMatch.put(md5Hash, "abc");
for (String pw : noMatch.keySet()) {
u.changePassword(pw);
String plain = noMatch.get(pw);
SimpleCredentials sc = new SimpleCredentials(u.getID(), plain.toCharArray());
CryptedSimpleCredentials cc = (CryptedSimpleCredentials) u.getCredentials();
assertFalse(pw, cc.matches(sc));
}
}
use of org.apache.jackrabbit.core.security.authentication.CryptedSimpleCredentials in project jackrabbit by apache.
the class UserImplTest method testLoginWithCryptedCredentials.
public void testLoginWithCryptedCredentials() throws RepositoryException {
User u = (User) uMgr.getAuthorizable(uID);
Credentials creds = u.getCredentials();
assertTrue(creds instanceof CryptedSimpleCredentials);
try {
Session s = getHelper().getRepository().login(u.getCredentials());
s.logout();
fail("Login using CryptedSimpleCredentials must fail.");
} catch (LoginException e) {
// success
}
}
use of org.apache.jackrabbit.core.security.authentication.CryptedSimpleCredentials in project jackrabbit by apache.
the class UserImplTest method testUserImplHasCryptedSimplCredentials.
public void testUserImplHasCryptedSimplCredentials() throws RepositoryException, NotExecutableException {
User user = getTestUser(superuser);
Credentials creds = user.getCredentials();
assertNotNull(creds);
assertTrue(creds instanceof CryptedSimpleCredentials);
assertEquals(((CryptedSimpleCredentials) creds).getUserID(), user.getID());
}
Aggregations